From 0acd0b2e9ba33bbc9a42df043b7348b6324bd012 Mon Sep 17 00:00:00 2001 From: Florian Preinstorfer Date: Wed, 11 Dec 2024 14:33:44 +0100 Subject: [PATCH] Remove use_username_in_magic_dns option Upgrade the use of dns.use_username_in_magic_dns or dns_config.use_username_in_magic_dns to a fatal error and remove the option from the example configuration and integration tests. Fixes: #2219 --- CHANGELOG.md | 2 +- config-example.yaml | 9 --------- hscontrol/types/config.go | 9 ++++----- hscontrol/types/testdata/base-domain-in-server-url.yaml | 1 - .../types/testdata/base-domain-not-in-server-url.yaml | 1 - hscontrol/types/testdata/dns_full.yaml | 2 -- hscontrol/types/testdata/dns_full_no_magic.yaml | 2 -- 7 files changed, 5 insertions(+), 21 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 73225cca84..c217355920 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -76,7 +76,7 @@ This will also affect the way you [reference users in policies](https://github.c ### BREAKING -- Remove `dns.use_username_in_magic_dns` configuration option [#2020](https://github.com/juanfont/headscale/pull/2020) +- Remove `dns.use_username_in_magic_dns` configuration option [#2020](https://github.com/juanfont/headscale/pull/2020), [#2279](https://github.com/juanfont/headscale/pull/2279) - Having usernames in magic DNS is no longer possible. - Remove versions older than 1.56 [#2149](https://github.com/juanfont/headscale/pull/2149) - Clean up old code required by old versions diff --git a/config-example.yaml b/config-example.yaml index 9320439804..b083091ffb 100644 --- a/config-example.yaml +++ b/config-example.yaml @@ -311,15 +311,6 @@ dns: # # you can also put it in one line # - { name: "prometheus.myvpn.example.com", type: "A", value: "100.64.0.3" } - # DEPRECATED - # Use the username as part of the DNS name for nodes, with this option enabled: - # node1.username.example.com - # while when this is disabled: - # node1.example.com - # This is a legacy option as Headscale has have this wrongly implemented - # while in upstream Tailscale, the username is not included. - use_username_in_magic_dns: false - # Unix socket used for the CLI to connect without authentication # Note: for production you will want to set this to something like: unix_socket: /var/run/headscale/headscale.sock diff --git a/hscontrol/types/config.go b/hscontrol/types/config.go index 3dc822ba6d..2af3989646 100644 --- a/hscontrol/types/config.go +++ b/hscontrol/types/config.go @@ -322,14 +322,12 @@ func validateServerConfig() error { depr.fatalIfNewKeyIsNotUsed("dns.nameservers.split", "dns_config.restricted_nameservers") depr.fatalIfNewKeyIsNotUsed("dns.search_domains", "dns_config.domains") depr.fatalIfNewKeyIsNotUsed("dns.extra_records", "dns_config.extra_records") - depr.warn("dns_config.use_username_in_magic_dns") - depr.warn("dns.use_username_in_magic_dns") + depr.fatal("dns.use_username_in_magic_dns") + depr.fatal("dns_config.use_username_in_magic_dns") // TODO(kradalby): Reintroduce when strip_email_domain is removed // after #2170 is cleaned up // depr.fatal("oidc.strip_email_domain") - depr.fatal("dns.use_username_in_musername_in_magic_dns") - depr.fatal("dns_config.use_username_in_musername_in_magic_dns") depr.Log() @@ -337,7 +335,8 @@ func validateServerConfig() error { // TODO(kradalby): Reintroduce when strip_email_domain is removed // after #2170 is cleaned up // "oidc.strip_email_domain", - "dns_config.use_username_in_musername_in_magic_dns", + "dns.use_username_in_magic_dns", + "dns_config.use_username_in_magic_dns", } { if viper.IsSet(removed) { log.Fatal(). diff --git a/hscontrol/types/testdata/base-domain-in-server-url.yaml b/hscontrol/types/testdata/base-domain-in-server-url.yaml index 2d6a4694a0..401f2a4915 100644 --- a/hscontrol/types/testdata/base-domain-in-server-url.yaml +++ b/hscontrol/types/testdata/base-domain-in-server-url.yaml @@ -13,4 +13,3 @@ server_url: "https://server.derp.no" dns: magic_dns: true base_domain: derp.no - use_username_in_magic_dns: false diff --git a/hscontrol/types/testdata/base-domain-not-in-server-url.yaml b/hscontrol/types/testdata/base-domain-not-in-server-url.yaml index 3af345e1f4..80b4a08ff3 100644 --- a/hscontrol/types/testdata/base-domain-not-in-server-url.yaml +++ b/hscontrol/types/testdata/base-domain-not-in-server-url.yaml @@ -13,4 +13,3 @@ server_url: "https://derp.no" dns: magic_dns: true base_domain: clients.derp.no - use_username_in_magic_dns: false diff --git a/hscontrol/types/testdata/dns_full.yaml b/hscontrol/types/testdata/dns_full.yaml index c47e7b0f2c..62bbd3ab57 100644 --- a/hscontrol/types/testdata/dns_full.yaml +++ b/hscontrol/types/testdata/dns_full.yaml @@ -33,5 +33,3 @@ dns: # you can also put it in one line - { name: "prometheus.myvpn.example.com", type: "A", value: "100.64.0.4" } - - use_username_in_magic_dns: true diff --git a/hscontrol/types/testdata/dns_full_no_magic.yaml b/hscontrol/types/testdata/dns_full_no_magic.yaml index ac3cc47017..2f35c3dbd4 100644 --- a/hscontrol/types/testdata/dns_full_no_magic.yaml +++ b/hscontrol/types/testdata/dns_full_no_magic.yaml @@ -33,5 +33,3 @@ dns: # you can also put it in one line - { name: "prometheus.myvpn.example.com", type: "A", value: "100.64.0.4" } - - use_username_in_magic_dns: true